Opera Unite could be security risk say researchers

Users installing Opera Unite, Opera's new web development platform, could at risk from being hijacked by cyber-criminals, according to security researchers.

By
Robert McMillan, IDG News Service
| Jun 22, 2009

| IDG News Service

Share

TwitterFacebookLinkedInGoogle Plus

Users installing Opera Unite, Opera's new web development platform, could at risk from being hijacked by cyber-criminals, according to security researchers.

Opera Unite lets users run a web server from their desktops. The browser connects to an Opera proxy server, which then allows the browser to serve content to the rest of the Internet. This simplifies things for home users who want to host their own web pages; with Opera's architecture, they don't have to configure firewalls or worry about their Internet service providers blocking web server traffic.

However, Opera Unite could be an excellent resource for cycber criminals too. It's only a matter of time until the criminals start playing with it, according to Don Jackson, a researcher with SecureWorks. "Bad guys always need web servers," he said. "Anything that runs a web server is prone to attack."

But because Opera Unite runs on the desktop, it may be easier to hack than most web servers. "In this case it's a little worse, because instead of a machine that's managed in a data center, you may have someone on a machine in a hotel network that has no firewall on it," Jackson said.

Opera attack code is already included in the majority of browser attack tools that Jackson has studied. With Unite, he expects the hackers who write browser attack software to pay even more attention to Opera. "I think there will be a push to keep your exploit kit in marketable condition by developing exploits for Opera 10," he said.

Opera says it will monitor sites for malicious or inappropriate content, but Jackson says it will prove extremely difficult to police content that's being served by smart hackers. They may, for example, send Opera sanitised versions of their web pages and reserve the malicious stuff for all other visitors.

Botmasters might start using Unite as a platform for saving data, or for running the command-and-control servers that are the brains of their networks of hacked computers, Jackson said.

Jackson isn't the only security expert who's worried. Sunbelt Software Researcher Tom Kelchner said on his blog: "According to the Opera Unite Developer's Primer, 'Opera Unite features a web server running inside the Opera browser, which allows you to do some amazing things.' We're betting there [are] some other people who use the Internet who will be doing some amazing things with this too."

Opera says it runs Unite within a "sandboxed" environment, which should make it hard for people to jump from Unite into other parts of the PC's file system, but the company doesn't say what steps it's taking to prevent hacked PCs from misusing the service.